Описание
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
Ссылки
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buff ...
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached.
Уязвимость функции ReadMNGImage (coders/png.c) кроссплатформенной библиотеки для работы с графикой GraphicsMagick, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2